Content-type: text/html
su - Substitutes user ID temporarily
su [-|-f] [user] [shell_option] [shell_command]
Prevents the user's shell initialization file from being executed
by passing the
-f
option to the
user's
shell, thus making
su
start up faster. The
-f
option is supported by the
csh
family of shells.
Simulates a full login by executing the commands in either
the
.cshrc
and
.login
files for
csh
or the
.profile
file for
sh
and
ksh
and by setting the current working directory to
the
user's home directory.
Passes the specified shell option flag to the newly invoked
user's shell for execution. The
shell_option
must
be supported by the invoked shell. The
csh,
sh,
ksh, and any other interactive command shell
support the commonly used
-c
shell option. By default (no ``shell_option''), the shell is opened with the
-i
(interactive) shell option. See the reference page for the shell
you are using for more information on the shell options.
Passes the specified command to the newly invoked user's shell
for execution. The
shell_command
must be supported
by the invoked shell.
The su command demands the password of the specified user, and if it is given, changes to that user and invokes the user's shell without changing the current directory.
Except in a case where the - option is used, the user environment is unchanged except for HOME, SHELL, USER, and LOGNAME which are taken from the password file for the user being substituted (see environ). The new user ID stays in force until the shell exits.
If no user is specified, root is assumed. Only users who belong to group number 0 (system) can issue su to become root, even with the root password. To remind superusers of their responsibilities, the shell substitutes a # (number sign) for its usual prompt.
Shell commands may be passed to the shell that is spawned by
su
by including them on the command line after the
su
flags and arguments. After the flags recognized by
su
and
the
user
argument are processed, unrecognized command
line flags (shell_options) and/or arguments (shell_commands) are passed to the shell for execution. If the
spawned shell does not support the command or the format of the command, the
command is not executed and the resulting shell behavior and error messages
are determined by the shell.
The
su
command fails if any lock conditions exist
on the target account. Specifically, if the destination account was retired,
if the number of unsuccessful login attempts exceeds the maximum allowed,
if the administrative lock was applied, or the password's lifetime was exceeded,
the Information System Security Officer (ISSO) must unlock the destination
account before any user can log in to it or use
su
to transition
to it.
This security-sensitive command uses SIA (Security Integration Architecture)
as an interface to the security mechanism(s) that perform the actual user
validation. See the
matrix.conf(4)
reference page for more information.
Commands: csh(1), ksh(1), sh(1)